Dear Experts,
We have gone live with SSO 1.0 for NW AS ABAP using Kerberos technology on 20+ landscapes this year. Next year we are planning to upgrade to the SSO 2.0 suite.
Now we have a question posted by our customers: "Is there any way to restrict the incorrect-password-locked users from doing SSO to AS ABAP?"
The reason behind this is to make sure that an account is not a victim of an attack. If the users continue to SSO even though their account is locked due to an incorrect password, that means there is a possibility to oversee that their accounts are being attacked.
SAP has already treated this as a vulnerability on J2EE servers and released a note to fix this. Is there any possibility to achieve this on the AS ABAP server as well?
Hope to hear soon!
Regards,
Karthik